This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json) Hash identifier: 4aaYhG+B14qaqx85YBBIfzJp5asEDh6/jcVh6aBzqtI= Subject key identifier: B0:45:5F:17:D6:12:D9:4B:4B:CB:A1:BA:F6:E8:85:9E:8D:9F:C4:21 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 20631891AE546B7CB920551E70DB944890A2BE57 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa Signing time: Wed 10 Dec 2025 05:10:05 +0000 ROA not before: Wed 10 Dec 2025 05:10:05 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:63:18:91:ae:54:6b:7c:b9:20:55:1e:70:db:94:48:90:a2:be:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:10:05 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=57d0a0986549253f1afa4c62d36aea6d16fc25ce9f96934e146a8e33286c7a42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:28:fa:db:9e:84:95:96:03:f3:24:35:b2:f4: 41:11:05:4c:f3:0a:ea:f5:d3:d6:2e:b5:7f:e3:7a: 32:f5:2c:53:94:12:06:38:08:a5:8c:a1:cf:ee:a0: 89:fc:97:80:36:78:49:e5:00:96:29:86:b9:67:93: 91:4f:db:b7:41:d7:b8:22:55:17:1a:19:20:ee:64: dc:f3:7a:9a:65:52:3b:fa:19:4a:fd:ca:db:6d:4e: cf:8c:11:d8:c0:f1:0e:f1:d6:0f:c3:ff:1b:cb:a8: e2:cf:fe:71:44:7c:11:2a:df:d7:d0:a4:79:27:a2: c5:7d:6d:61:3e:20:70:fd:2f:c3:85:ca:99:2a:01: 92:95:cf:6f:0e:0f:d7:4e:49:df:9f:19:d1:e8:8a: 25:9c:86:09:25:f4:f2:a8:32:29:c3:7e:1a:9e:e5: bb:ab:21:95:71:2f:2c:86:17:a8:ca:b5:ba:33:6a: 93:98:b2:90:07:ba:93:f9:3f:0a:70:26:b4:12:a9: b3:02:95:6b:8c:3d:77:08:02:90:45:ce:5e:e7:d3: bc:35:bf:cb:cb:f3:93:6e:96:68:db:ff:1b:e8:f8: 1b:f7:fd:6d:4a:41:94:1a:fc:9e:2c:35:6e:39:5e: 61:06:8a:86:7f:f9:99:05:f5:d1:c4:13:ea:a9:64: 68:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:45:5F:17:D6:12:D9:4B:4B:CB:A1:BA:F6:E8:85:9E:8D:9F:C4:21 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:5000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:da:84:cc:92:1c:66:56:29:80:a6:34:e9:5f:56:e6:70:ac: 84:f1:d6:86:8d:db:66:5d:7d:56:b7:e9:46:22:57:37:b0:6c: bb:62:b9:10:e3:95:8b:d8:e8:54:9c:d4:77:8d:fa:88:60:b4: a3:55:e4:d7:28:e0:5d:4f:73:bc:6b:cc:0f:dc:31:25:b0:21: 0b:27:13:84:25:ba:0e:77:35:ea:a2:8e:ee:be:61:c0:4c:36: 8a:e2:eb:74:69:5f:9c:92:d1:3f:ea:e1:88:46:37:3d:26:73: f7:1d:95:2d:a2:44:95:fe:2a:5b:cf:70:b4:03:43:66:96:bb: 2a:f2:c6:96:e7:9f:ba:ad:5a:a9:2b:d6:43:bf:bd:ae:fb:29: d6:8d:b0:5e:a8:70:d5:59:98:4b:30:b8:19:25:2e:a7:e9:b3: 1b:2f:c9:b8:de:73:ec:20:6b:14:12:8a:93:66:82:b3:f8:c8: 06:c3:19:5a:a4:08:ea:5a:c5:a5:f3:eb:d6:d5:89:fd:36:80: de:36:58:93:3a:c2:da:56:78:79:74:f2:70:34:d4:bd:eb:80: ee:31:5e:9e:69:26:5c:ac:a8:38:b4:cd:64:ea:d1:49:8d:38: 70:f4:56:35:b1:cd:1b:8d:77:0c:ea:0b:78:02:ce:ef:e8:61: cb:03:3e:b9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIGMYka5Ua3y5IFUecNuUSJCivlcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTEwMDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU3ZDBhMDk4NjU0OTI1M2YxYWZhNGM2MmQzNmFlYTZkMTZmYzI1Y2U5Zjk2 OTM0ZTE0NmE4ZTMzMjg2YzdhNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALco+tuehJWWA/MkNbL0QREFTPMK6vXT1i61f+N6MvUsU5QSBjgIpYyhz+6g ifyXgDZ4SeUAlimGuWeTkU/bt0HXuCJVFxoZIO5k3PN6mmVSO/oZSv3K221Oz4wR 2MDxDvHWD8P/G8uo4s/+cUR8ESrf19CkeSeixX1tYT4gcP0vw4XKmSoBkpXPbw4P 105J358Z0eiKJZyGCSX08qgyKcN+Gp7lu6shlXEvLIYXqMq1ujNqk5iykAe6k/k/ CnAmtBKpswKVa4w9dwgCkEXOXufTvDW/y8vzk26WaNv/G+j4G/f9bUpBlBr8niw1 bjleYQaKhn/5mQX10cQT6qlkaBECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwRV8X 1hLZS0vLobr26IWejZ/EITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ MA0GCSqGSIb3DQEBCwUAA4IBAQCN2oTMkhxmVimApjTpX1bmcKyE8daGjdtmXX1W t+lGIlc3sGy7YrkQ45WL2OhUnNR3jfqIYLSjVeTXKOBdT3O8a8wP3DElsCELJxOE JboOdzXqoo7uvmHATDaK4ut0aV+cktE/6uGIRjc9JnP3HZUtokSV/ipbz3C0A0Nm lrsq8saW55+6rVqpK9ZDv72u+ynWjbBeqHDVWZhLMLgZJS6n6bMbL8m43nPsIGsU EoqTZoKz+MgGwxlapAjqWsWl8+vW1Yn9NoDeNliTOsLaVnh5dPJwNNS964DuMV6e aSZcrKg4tM1k6tFJjThw9FY1sc0bjXcM6gt4As7v6GHLAz65 -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:58 2026 by rpki-client